If your PC isn't staying up to date with the latest feature and security updates, it could be because it's not connected to the internet for long enough.
How long is long enough? According to Microsoft's studies, each machine needs to be powered on and continuously connected to the internet for at least two hours for quality and feature updates to install via the Windows Update service. Otherwise it's "very unlikely" a machine will install updates once they're released by Microsoft.
"What we found is that devices that don't meet a certain amount of connected time are very unlikely to successfully update," David Guyers, a Microsoft principal program manager of the Windows Update service, says in a blogpost. Microsoft is now pushing IT admins to use Update Connectivity data, which gives them a per-device snapshot of how good or bad an update is going across the entire fleet.
SEE: Windows 11: Here's how to get Microsoft's free operating system update
"Specifically, data shows that devices need a minimum of two continuous connected hours, and six total connected hours after an update is released to reliably update. This allows for a successful download and background installations that are able to restart or resume once a device is active and connected."
Guyer said approximately 50% of devices that are not on a serviced build of Windows 10 do not meet the minimum update connectivity, and 25% of Windows 10 devices that are on a serviced build, but have security updates that are more than 60 days out of date, have less than the minimum update connectivity.
Reliable and timely updates are important to install when Microsoft releases patches for critical security flaws each Patch Tuesday. Knowing that updates are successfully installing is equally important for those managing tens of thousands of Windows PCs.
Guyers stresses that admins should use Update Connectivity data – available in Microsoft's Intune device management service – as part of their communications with staff about IT security. The heads-up comes as remote and hybrid working are becoming the norm, where PCs are frequently disconnected from the corporate network.
"You can work to ensure that more devices across your organization meet the minimum Update Connectivity measurement by communicating with device owners, encouraging them to leave their devices plugged in and connected – instead of powering them off overnight – so that updates can download and install properly," says Guyer.
"Impress upon them the importance of keeping their devices connected, so their devices can stay protected and they can stay productive."
In Intune, the Update Connectivity status of each device can be found by navigating to Devices > Monitor and, from there, selecting either the Feature update failures or Windows Expedited update failures report.
There are also summary reports in Intune at Reports > Windows updates, which offer a snapshot of the number of devices in a fleet and a breakdown of the number that have updated successfully, are in progress, or have hit an error. Admins need to select the Reports tab and then select Windows Expedited update report.
Guyer also recommends admins investigate power settings and related policies that put a device into a deep sleep or hibernation too quickly. These settings can cause blocked updates. He recommends using the Optimizing Windows Update Adoption to configure devices with power settings that balance power savings with the need to install the latest security updates.